# MySQL数据库配置
import os
import warnings
from datetime import timedelta
from urllib.parse import quote_plus

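# Signing key for session cookies (the name matches Flask's SECRET_KEY
# setting). Anyone who knows this value can forge a valid session, so a
# production deployment must supply its own long random value through the
# SECRET_KEY environment variable, e.g. one produced by secrets.token_hex(32).
# The helper name is lower-case on purpose so that loaders which pick up
# upper-case attributes do not treat it as a setting.
_fallback_secret_key = "dawhkjdhjklhflawhocxndsaklj_change_this_in_production"
SECRET_KEY = os.environ.get('SECRET_KEY') or _fallback_secret_key
if SECRET_KEY == _fallback_secret_key:
    # The fallback is committed with the source and therefore is not a secret.
    # It stays usable for local development, but its use is made visible.
    warnings.warn(
        "SECRET_KEY is not set; using the placeholder key embedded in the "
        "source. Set the SECRET_KEY environment variable before deploying.",
        RuntimeWarning,
    )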

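# Session cookie hardening (the names match Flask's session settings).
PERMANENT_SESSION_LIFETIME = timedelta(hours=8)  # permanent sessions expire after 8 hours

# Secure restricts the cookie to HTTPS connections. It defaults to off so that
# plain-HTTP development keeps working; an HTTPS deployment turns it on by
# setting the SESSION_COOKIE_SECURE environment variable to 1/true/yes/on,
# without a code change. Without it the session cookie can travel over
# unencrypted HTTP.
SESSION_COOKIE_SECURE = (
    os.environ.get('SESSION_COOKIE_SECURE', '').strip().lower()
    in ('1', 'true', 'yes', 'on')
)

# HttpOnly keeps the cookie out of reach of page JavaScript. It does not stop
# XSS itself; it limits what an injected script can steal.
SESSION_COOKIE_HTTPONLY = True

# SameSite=Lax withholds the cookie on cross-site sub-requests and cross-site
# POSTs, but still sends it on top-level GET navigations. It reduces CSRF
# exposure and is not a substitute for CSRF tokens on state-changing requests.
SESSION_COOKIE_SAMESITE = 'Lax'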

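# Database connection settings. Host, port, account and schema can each be
# overridden through the environment (DB_HOST, DB_PORT, DB_USERNAME,
# DB_PASSWORD, DB_DATABASE). The literals are the previously hard-coded values,
# kept as defaults so existing setups keep working.
DIALECT = 'mysql'
DRIVER = 'pymysql'
HOST = os.environ.get('DB_HOST') or 'localhost'
PORT = os.environ.get('DB_PORT') or '3306'
# NOTE(review): 'root' holds every privilege on the MySQL server. A dedicated
# account limited to this schema is the least-privilege choice.
USERNAME = os.environ.get('DB_USERNAME') or 'root'
PASSWORD = os.environ.get('DB_PASSWORD') or 'A310a310.'
DATABASE = os.environ.get('DB_DATABASE') or 'jizu202501'

if not os.environ.get('DB_PASSWORD'):
    # The default password is readable by anyone with access to the source or
    # its history; it should be rotated and supplied via the environment.
    warnings.warn(
        "DB_PASSWORD is not set; using the database password embedded in the "
        "source. Supply credentials through the environment before deploying.",
        RuntimeWarning,
    )

# MySQL does not accept the spelling 'utf-8'; the charset must be written 'utf8'.
# NOTE(review): MySQL's 'utf8' is the 3-byte utf8mb3 encoding; 'utf8mb4' is
# needed to store 4-byte characters. Confirm against the schema before changing.
# User name and password are percent-encoded so that characters such as
# '@', ':' or '/' in a credential cannot change how the URL is parsed.
SQLALCHEMY_DATABASE_URI = "{}+{}://{}:{}@{}:{}/{}?charset=utf8".format(
    DIALECT, DRIVER, quote_plus(USERNAME), quote_plus(PASSWORD), HOST, PORT, DATABASE)
# NOTE(review): modification tracking adds overhead per session and is only
# useful if the application listens for Flask-SQLAlchemy's model-change
# signals; confirm whether that is the case and set this to False if not.
SQLALCHEMY_TRACK_MODIFICATIONS = True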
